Commit graph

790 commits

Author SHA1 Message Date
Julien Vehent [:ulfr] 5430b63879
Merge pull request #348 from mozilla/3.0.5
release 3.0.5
2018-05-15 14:14:54 -04:00
Julien Vehent 85fd14ddd2
release 3.0.5 2018-05-15 14:05:40 -04:00
Adrian Utrilla 5e6aa7f3eb
Fix double encryption prevention (#346)
* Fix binary file bug double encryption prevention

The `ensureNoMetadata` function was incorrectly implemented and called
LoadEncryptedFile on the InputStore and checked whether the returned error was
MetadataNotFound or not. In the case where loading the input file as an encrypted
file would fail (e.g. due to syntax errors), it would incorrectly report the file as
having a "sops" branch. When using the binary mode, it would try to load the file as
an encrypted binary file (which is expected to be JSON), which would fail, thus
triggering this error.

* Add functional test for binary file roundtrip
2018-05-14 19:59:07 +02:00
Adrian Utrilla 97ce8a62c9
Fix empty comments not being decrypted correctly (#344)
SOPS failed to decrypt empty comments before after they were encrypted because they
would look like:

`#ENC[AES256_GCM,data:,iv:NVQvG25goSE7xi6U/QjRNtJBwr/VfChezSptI8GFsQk=,tag:yyYIW/hiIZ1qK1GEo8vHpA==,type:comment]`

Note the empty "data" value.

SOPS would fail to decrypt those and show them to the user "encrypted" when
decrypting the file.
2018-05-08 14:09:11 -04:00
AJ Bahnken 9143db1e28
Merge pull request #343 from ajvb/ajvb/keyservice-error-message
If keyservicecmd returns an error, log it.
2018-05-07 11:18:24 -04:00
AJ Bahnken a6c0f6e048 If keyservicecmd returns an error, log it. 2018-05-07 11:08:24 -04:00
AJ Bahnken 038001b3a3 Auditing support
* Implement auditing support

* Document auditing

* Address review comments

* Change log level for errors reading audit config

* Disable auditors during tests

* Make changes to docs suggested by @jvehent

* Code review fixes to init() in audit.go

* Implement encrypt audit event

* Include filepath in Tree created from sops/encrypt/encrypt

* Fix changes in audit.go to stay with current style

* Implement RotateEvent within rotate command

* github.com/lib/pq vendor dependencies

* Always get current user in PostgresAuditor.Handle()

* Initial CR fixes + gofmt

* gofmt

* fixed placement of audit event in rotate()

* Moved to a single table for audit events.

* Revert "Moved to a single table for audit events."

This reverts commit 7e7817e8a1.

* Remove audit tables delete protection rules

* Move to a single audit_event table with action column

* Remove unnecessary tree declaration
2018-04-22 21:21:58 +02:00
Adrian Utrilla 1ffc93dfb6
Refactor Store interface to reflect operations SOPS performs (#335)
* Refactor Store interface to reflect operations SOPS performs

Previously the Store interface tried to mimic the Marshaler and Unmarshaler
interfaces. This was a mistake, as it meant Stores had no idea whether the files they
were loading were encrypted or not.

Partially fixes #334

* Add regression test for loading plain JSON file with binary store
2018-04-20 10:13:46 +02:00
Julien Vehent [:ulfr] 970b7be2e3
Merge pull request #312 from mozilla/prevent-double-encryption
Prevent files from being encrypted twice
2018-04-19 17:30:43 -04:00
Julien Vehent [:ulfr] 887c87b80a
Merge branch 'master' into prevent-double-encryption 2018-04-11 17:13:10 -04:00
Julien Vehent [:ulfr] b8c2051836
Merge pull request #318 from mozilla/release-3.0.3
Release 3.0.3
2018-04-11 09:20:43 -04:00
Adrian Utrilla dbc4022654
Merge branch 'master' into release-3.0.3 2018-04-11 14:48:31 +02:00
Adrian Utrilla 0bfa15ac25
Update changelog 2018-04-11 14:48:11 +02:00
Adrian Utrilla 37b6fff84d
Introduce key service flag optionally prompting users on encryption/decryption (#322) 2018-04-11 14:46:50 +02:00
Adrian Utrilla 5a5cfaae8f
Merge branch 'master' into release-3.0.3 2018-04-10 10:12:18 +02:00
dovreshef 16950d00d2 Adds `unencrypted_suffix` and `encrypted_suffix` to `.sops.yaml` (#325)
Add the ability to specify `unencrypted_suffix` and `encrypted_suffix` using the `.sops.yaml` config file
2018-04-09 10:50:47 +02:00
Adrian Utrilla f5b8e2cdef
Merge pull request #323 from dovreshef/added-encrypted-suffix
Added an --encrypted-suffix option
2018-04-08 17:06:32 +02:00
Dov Reshef ed934575ee Address review comments 2018-04-08 17:53:54 +03:00
Dov Reshef efd8521436 added the --encrypted-suffix option 2018-04-08 12:43:43 +03:00
Dov Reshef e57c8f2c85 Fixed wrong Errorf format in message 2018-04-08 10:48:11 +03:00
Adrian Utrilla 2df6575bf2
Merge pull request #314 from devinburnette/path-regex
deprecate filename_regex in favor of path_regex
2018-04-02 17:59:30 +02:00
Devin Burnette d3d0267f4e deprecate filename_regex in favor of path_regex 2018-04-02 11:17:45 -04:00
Julien Vehent [:ulfr] 4deb838454
Merge branch 'master' into prevent-double-encryption 2018-03-30 15:32:19 -04:00
Adrian Utrilla 4725e09e44
Update vendored dependencies 2018-03-30 21:19:35 +02:00
Adrian Utrilla 34d6b5001c
Release 3.0.3 2018-03-30 21:12:10 +02:00
Adrian Utrilla 68cf5aa561
Merge pull request #317 from mozilla/extract-string
Don't yaml.MarshalValue strings on extract
2018-03-30 21:05:04 +02:00
Adrian Utrilla f08b1f13c1
Merge branch 'extract-string' of github.com:mozilla/sops into extract-string 2018-03-30 20:54:24 +02:00
Adrian Utrilla 1a895c9004
Add functional test for extracting strings 2018-03-30 20:54:10 +02:00
Adrian Utrilla 2cba122812
Merge branch 'master' into extract-string 2018-03-30 20:34:36 +02:00
Adrian Utrilla 6037e42662
Don't yaml.MarshalValue strings on extract 2018-03-30 19:52:08 +02:00
Adrian Utrilla 72f59a05f5
Merge pull request #316 from mozilla/input-output-type-binary-flag
Allow forcing binary input and output types through cli flags
2018-03-30 19:45:32 +02:00
Adrian Utrilla 4153955f0a
Allow forcing binary input and output types through cli flags 2018-03-30 19:32:45 +02:00
Adrian Utrilla 45ecd0c3bb
Merge pull request #313 from devinburnette/fix-empty-file-bug
dont create the file if its empty
2018-03-28 21:29:49 +02:00
Devin Burnette 7230b16276 dont create the file if its empty 2018-03-28 15:16:33 -04:00
Adrian Utrilla a81f93919c
Prevent files from being encrypted twice 2018-03-28 19:03:01 +02:00
Adrian Utrilla c67cc9b1dc
Merge pull request #309 from willejs/statically-linked-binaries
publish statically-linked binaries
2018-03-28 00:43:40 +02:00
Will Salt 3abbcada60 publish statically-linked binaries 2018-03-27 16:58:00 +01:00
Adrian Utrilla 2228f2b335
Merge pull request #308 from deed02392/patch-1
Set default logging level to Warn
2018-03-27 16:58:14 +02:00
George Hafiz cb433443a2 Set default logging level to Warn 2018-03-27 15:59:41 +02:00
Julien Vehent [:ulfr] 78c2ce2a28
Merge pull request #307 from mozilla/reduce-logging
Default to Warn log level unless verbose flag is passed
2018-03-08 08:30:36 -05:00
Adrian Utrilla 9d6a8d0e21
Default to Warn log level unless verbose flag is passed 2018-03-07 17:18:45 +01:00
Adrian Utrilla 8a0ce52f1b
Merge pull request #301 from mozilla/update-deps
Update yaml parser
2018-02-23 21:18:45 +01:00
Adrian Utrilla da457a9e11
Update yaml parser 2018-02-23 18:57:27 +01:00
Adrian Utrilla 4e3a766e17
Merge pull request #298 from mozilla/set-fixes
Rewrite set functionality to make it work with nested structures
2018-02-20 23:52:44 +01:00
Adrian Utrilla 08eeea198a
Add a few extra tests 2018-02-20 23:32:19 +01:00
Adrian Utrilla f95a19cbec
Rewrite set functionality to make it work with nested structures
Fixes #297
2018-02-20 17:15:02 +01:00
Adrian Utrilla b48b4eba44
Merge pull request #293 from snebel29/improve/gcp-docs
Add gcp example for .sops.yaml file
2018-02-01 16:08:05 +01:00
snebel29 0a9608e541 Add gcp example for .sops.yaml file 2018-02-01 14:16:17 +00:00
Adrian Utrilla d9db6c0294
Merge pull request #270 from autrilla/shamir-docs
Explain how Shamir's Secret Sharing works
2018-01-18 23:41:25 +01:00
Julien Vehent [:ulfr] 72d6aeff7c
Merge branch 'master' into shamir-docs 2018-01-18 17:34:23 -05:00